Forum: NGINX testssl.sh - script to test your ssl-setup from cli

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
2974d09ac2541e892966b762aad84943?d=identicon&s=25 mex (Guest)
on 2014-04-04 15:28
(Received via mailing list)
web: https://testssl.sh/
repo: https://bitbucket.org/nginx-goodies/testssl.sh

testssl.sh is a free Unix command line tool which checks a server's
service
on any port for the support of TLS/SSL ciphers, protocols as well as
some
cryptographic flaws.

It's designed to provide clear output for a "is this good or bad"
decision.



It is working on every Linux distribution which has OpenSSL installed.
As
for security reasons some distributors outphase the buggy stuff – and
this
is exactly you want to check for – it's recommended to compile OpenSSL
by
yourself or check out the OpenSSL binaries below (Linux). You will get a
warning though if your OpenSSL client cannot perform a specific check,
see
below.

testssl.sh is portable, it is supposed to work on any other Unix system
(preferably with GNU tools) and on cygwin, supposed it can find the
OpenSSL
binary.

disclaimer: i'm not the cretator of that script; i'm just maintaing the
repo. owner & contact might be found on the webpage https://testssl.sh/


regards,


mex

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,248997,248997#msg-248997
59cbef07353900a80e69070aebc0b820?d=identicon&s=25 MacLemon (Guest)
on 2014-04-04 17:05
(Received via mailing list)
There is also cipherscan by Julien Vehent (with a bunch of patches by
mzeltner and me).

https://github.com/mzeltner/cipherscan

Original repo doesn't yet include our pull request
https://github.com/jvehent/cipherscan

It works with any *nix or *tux with OpenSSL. (Tested with Debian, OS X,
Solaris and FreeBSD.) You can specify which openssl binary you want to
use to enumerate ciphers and protocols. Also gives details about DH
parameters, key exchange and PFS.

Feedback is welcome!
Best regards
Pepi
2974d09ac2541e892966b762aad84943?d=identicon&s=25 mex (Guest)
on 2014-04-04 17:28
(Received via mailing list)
thanx, nice tool!

i integrated this into our ssl-guide
https://www.mare-system.de/guide-to-nginx-ssl-spdy...

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,248997,249000#msg-249000
This topic is locked and can not be replied to.